There are a number of known methodologies to secure group communications, such as multicast group communications, in a communication network. One such methodology is centralized key management, which affords a level of efficiency and cost effectiveness over other methodologies for key management. Typically in a centralized key management approach, an entity called a group controller is used to generate, distribute and update keys for use by a group of nodes in a communication network to affect secure communications between the nodes in the group. A node is defined herein as a point of connection, which may be a redistribution point or an endpoint, in the communication network. In general each node has programmed or engineered capability to recognize, process and/or forward transmissions to and from other nodes.
A primary shortcoming of traditional centralized key management schemes, however, is that they introduce a single point of failure at the group controller. In other words, if the group controller is compromised via a security attack or if the group controller fails, then group communications is compromised. Another shortcoming of centralized key management schemes is the potential for overloading a single group controller as the size of the group increases, especially when the group controller initially distributes keys to the nodes in the group because this is generally much more time consuming and computationally intensive than generating and updating keys. For example, a group controller comprising a 116 MHz computer can generate a new set of keys for 1000 nodes in about 20 ms. However initial key distribution, which includes authenticating each of the 1000 nodes and distributing keys to each node one by one, might take at least eighty seconds (forty seconds for authentication procedures and forty plus seconds for actually distributing the keys to the nodes). This may be extremely undesirable in certain applications, for example in a mission critical application.
One known solution for addressing the above shortcomings is to use two synchronized centralized group controllers. In general, one of the group controllers is the primary group controller in that during the time that it is operational, it is typically solely responsible for generating, distributing and updating the keys. The other group controller is a secondary group controller and would typically only be used where the first group controller becomes inoperable or fails. These two group controllers are synchronized including having a synchronized set of keys, i.e., an identical set, when both are operational, which is generally the set that was generated by the primary group controller.
The above solution addresses fault tolerance in the centralized key management approach in that if the primary group controller fails, the secondary group controller can take over the key management functions since it is synchronized with the primary group controller. However, this solution does not address attack tolerance. Since only one set of keys is being used between the two group controllers, if either of these entities becomes compromised then the entire single set of keys is exposed to attack. The set of keys, thereby, becomes compromised such that an entirely new set of keys would likely have to be generated and distributed to each node in the group. This solution also fails to address the problem of overload of a single group controller because although there are two group controllers implemented in the system, only one of them is performing key management functions (including key distribution) at any given time.
Thus, there exists a need for an improved centralized key management approach that is both attack tolerant and fault tolerant. It is also desirable that this centralized key management approach incorporate load balancing techniques, especially during the relatively time-consuming and computationally intensive key distribution process.